Information Security Specialist at Federal Reserve Bank, collaborating across teams to strengthen economic and financial systems. Focused on operating the DevSecOps program according to established standards and policies.
SL
Hybrid Associate Director – Cyber Security Offensive Engineer
Posted 2 months ago
About the role
- Associate Director leading cybersecurity offensive security initiatives in a hybrid role. Managing red teaming, attack simulations, and enhancing overall security resilience with a focus on executive collaboration.
Responsibilities
- Develop and implement the organization’s offensive security strategy.
- Lead red teaming and advanced persistent threat (APT) simulations to assess security defenses.
- Oversee enterprise-wide penetration testing programs and provide risk-based recommendations.
- Manage a team of offensive security professionals and oversee security assessments.
- Perform threat modeling and attack simulations against critical IT assets.
- Collaborate with executive leadership to align offensive security with business objectives.
- Evaluate and integrate advanced security tools and technologies for attack simulation.
- Provide technical leadership in security research, vulnerability analysis, and adversary tactics.
- Deliver strategic insights and reports to C-level executives and security committees.
- Drive internal cybersecurity awareness and training initiatives.
- Keep up with global cybersecurity trends, new attack techniques, and regulatory changes.
Requirements
- Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field.
- Experience in offensive security, penetration testing, and ethical hacking.
- Proven leadership experience in managing red teaming and adversarial security programs.
- Expertise in attack simulation, risk analysis, and security strategy development.
- Advanced knowledge of network security, malware analysis, exploit development.
- Hands-on experience with penetration testing frameworks and security automation tools.
- Strong stakeholder management and executive communication skills.
- Deep understanding of regulatory frameworks (ISO 27001, PCI-DSS, NIST, GDPR).
- Preferred certifications: OSWE, OSCP, CISSP, GXPN, or equivalent.
- Bilingual proficiency in Thai and English is a strong advantage.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Protective Security Officer supporting information security and physical security processes at Telia. Collaborating with clients and team members for effective security management.
Application Security Lead at Mastercard enhancing application security and collaborating with development teams. Leading initiatives, guiding secure coding practices, and fortifying cybersecurity posture.
Senior Cloud Security Architect for Texas state government project. Designing secure cloud architectures and integrating security in DevSecOps pipelines.
Linux Network Security Engineer at Booz Allen Hamilton architecting and deploying Endace packet capture systems across a distributed enterprise. Integrating with analytics ecosystems and ensuring optimal performance.
Product Manager responsible for managing Microsoft Security Services portfolio at Softchoice. Engaging with customers, Microsoft and stakeholders to drive market success and growth.
Information System Security Officer detecting and documenting security configurations for government solutions. Collaborating with teams to provide secure and effective solutions against advanced cyber threats.
IT Infrastructure and Security Administrator overseeing management and maintenance of IT systems at Avive Solutions. Focused on user devices, networks, and authentication systems.
Systems Administrator managing IT support and compliance activities in a tech - oriented company. Leading infrastructure design and security measures while collaborating with managed service providers.
Cyber Security Expert supporting project teams with structured risk assessments and compliance documentation at Nordex wind farms. Collaborating closely with Information Security to ensure secure operations.